This was originally posted on July 28, 2023.

Phoenix, AZ — Today, Governor Katie Hobbs sent a letter to Arizona Department of Education Superintendent Tom Horne requesting detailed plans for protecting the personal data of Arizona students and families. Recently, the company responsible for the financial administration of the ESA program, ClassWallet, experienced a data breach that prompted the activation of the state Incident Response Team at the Arizona Department of Homeland Security. Following this incident, two high ranking ESA officials suddenly and unexpectedly resigned, raising concerns and questions about the administration of the ESA voucher program and the protection of student data.

“It is my responsibility to ensure the safety and security of our state, our agencies, and our people,” said Governor Katie Hobbs. “Arizona students and families deserve to know that proper measures are in place to protect their personal information. I look forward to Superintendent Horne’s prompt response and appreciate the Department’s cooperation with the Arizona Department of Homeland Security.”

In the letter, which requests a written report by August 3rd, Governor Hobbs requests the following information:

1. How is your administration responding to the data breach that occurred through ClassWallet and what actions are being taken to prevent a similar event in the future?
2. How have ESA parents been notified of the unauthorized data disclosure of their child’s personal information?
3. What steps is your administration taking to address any potential violations of the Family Educational Rights and Privacy Act's (FERPA) release of education records provision and disclosure consent requirements? (see, e.g., disclosure consent requirements for the release of education records, as set forth in 34 C.F.R. § 99.30) 
4. What steps is your administration taking to address any potential violations of State statutes relating to student data privacy including, without limitation, A.R.S. §§ 15-1045 and 15-1046? 
5. Have you referred this matter to the Attorney General for an investigation under the consumer fraud statutes as contemplated in A.R.S. § 15-1046(G)?  

Read letter attached below.